Famous Players PIPEDA violations

General

Appropriate circumstances

(3) An organization may collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances.

“Reasonable person” here certainly includes people with disabilities and people who know their rights under PIPEDA. Given Famous Players’ mammoth inconsistency in handling privacy issues, the near-disposability of the reflector and headset hardware, the all-but-complete absence of missing equipment after two years of use, and the huge privacy cost of collecting and retaining personal information for no provable benefit, reasonable people would conclude that Famous Players’s policies are not appropriate in the circumstances.

Coercion vs. consent

[A]n organization may
collect personal information without the knowledge or consent of the
individual only if

(a) the collection is clearly in the interests of the individual and consent cannot be obtained in a timely way;

(b) it is reasonable to expect that the collection with the knowledge or consent of the individual would compromise the availability or the accuracy of the information...;

(c) the collection is solely for journalistic, artistic or literary purposes; or

(d) the information is publicly available and is specified by the regulations.

Coercion is not consent. By virtue of its lock on the Canadian accessible-movie marketplace, in addition to its arguably illegal privacy policies, people with disabilities and others have no choice but to permit Famous Players to take their personal information under the current scheme. This can hardly be considered “consent”; the alternative is never to see an accessible first-run movie in Canada at all.

Audits

18. (1) The Commissioner may, on reasonable notice and at any reasonable time, audit the personal information management practices of an organization if the Commissioner has reasonable grounds to believe that the organization is contravening a provision of Division 1 or is not following a recommendation set out in Schedule 1....

I hereby request that the Commissioner carry out such an audit against Famous Players.

Schedule 1 violations

Schedule 1 topic and wording

Response and objections

Policies and practices

Organizations shall implement policies and practices to give effect to the principles, including

implementing procedures to protect personal information;

establishing procedures to receive and respond to complaints and inquiries;

training staff and communicating to staff information about the organization’s policies and practices; and

developing information to explain the organization’s policies and procedures.

As I’ve experienced, the act of permanently recording personal information and temporarily confiscating ID cards clearly violates the requirement of “implementing procedures to protect personal information.” I discern no “procedures to receive and respond to complaints and inquiries” apart from calling me up to harass me for asserting my rights in theatres. It took months of querying after the 1 January 2004 implementation of PIPEDA before any Famous Players staffmember could explain “the organization’s policies and practices,” which to this day only one person can do; clearly, “training to staff and communicating to staff” is not happening. There is no “information to explain the organization’s policies and procedures” whatsoever, save for a declaration in an inaccessible Web site.

Identifying purposes

The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.... The identified purposes should be specified at or before the time of collection to the individual from whom the personal information is collected.

Famous Players routinely fails this test, insisting merely that it’s procedure or that moviegoers’ privacy must be violated because of “all the money” Famous Players has spent on near-disposable reflectors and headsets. Famous Players violates this requirement by buring a declared privacy policy in an inaccessible Web page. “The individual from whom the personal information is collected” is standing at a Guest Services desk, not sitting at a computer.

Knowledge and consent

The principle requires “knowledge and consent.” Organizations shall make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used. To make the consent meaningful, the purposes must be stated in such a manner that the individual can reasonably understand how the information will be used or disclosed.

At no time does Famous Players even bother to explain reasons, apart from protecting “all the money” they’ve spent on near-disposable hardware. Blind people cannot see that their information is being permanently recorded in a book. Blind moviegoers have no dependable access to Famous Players’ inaccessible Web site.

Minimized use

An organization shall not, as a condition of the supply of a product or service, require an individual to consent to the collection, use, or disclosure of information beyond that required to fulfil the explicitly specified, and legitimate purposes.

As I have explained, Famous Players has no justification to require individuals to surrender their legally-protected privacy rights merely to enjoy an accessible movie. Among other reasons, Famous Players does not take care of reflectors and headsets; such gear has hardly ever gone missing; there is no proof the equipment is ever stolen; and complaints are ignored. Hence, their purposes could not be called legitimate.

Further, Famous Players staff use my Big Card sign-in information at the cashier’s desk as a trigger to talk to each other about me and report back to headquarters about me.

Sensitivity of information

In determining the form of consent to use, organizations shall take into account the sensitivity of the information. Although some information... is almost always considered to be sensitive, any information can be sensitive, depending on the context.... An organization should generally seek express consent when the information is likely to be considered sensitive. Implied consent would generally be appropriate when the information is less sensitive.

Requiring names and phone numbers is invasive. My phone number is unlisted, for example. Demanding the handing over of ID cards exposes the moviegoer to identity theft. Famous Players has shown nothing but hamhanded insensitivity to the privacy needs of its patrons. I have established already that Famous Players barely explains itself and never seeks express consent to the information; it’s a take-it-or-leave-it proposition.

Limiting Collection

The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.... Organizations shall not collect personal information indiscriminately. Both the amount and the type of information collected shall be limited to that which is necessary to fulfil the purposes identified.

Even if the requirement to provide personal information were justified (which I fundamentally dispute), it is not justified to retain and communicate that information. It is also unfair to require a group almost entirely composed of people with disabilities to surrender their legal privacy rights when comparable nondisabled people are under no such requirement.

Limiting Use, Disclosure, and Retention

Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfilment of those purposes.... Organizations should develop guidelines and implement procedures with respect to the retention of personal information. These guidelines should include minimum and maximum retention periods.... Personal information that is no longer required to fulfil the identified purposes should be destroyed, erased, or made anonymous. Organizations shall develop guidelines and implement procedures to govern the destruction of personal information.

In some theatres, Famous Players retains information permanently. Once reflectors and/or headsets are returned, there is no further need for the information, even if there ever were a need.

Accuracy

Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.

Famous Players staff permit and encourage the use of false names and phone numbers.

Safeguards

Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.... The security safeguards shall protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. Organizations shall protect personal information regardless of the format in which it is held.

Personal information is held in open books and binders and is used by other staff as a source of gossip and complaints.

Openness

An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.... Organizations shall be open about their policies and practices with respect to the management of personal information. Individuals shall be able to acquire information about an organization’s policies and practices without unreasonable effort. This information shall be made available in a form that is generally understandable.

Famous Players hides its declared privacy policy in an inaccessible Web page.